PearCMS

Here is the PearCMS...100% VirusFree.
Demo:
Habblok: Maak vrienden, doe mee en val op!
Downloadlinks:
CMS: PearCMS.rar downloaden
Database: DATABASE.sql

It's Dutch...


Greetz,
bras1223

Looks nice, thanks

Haha nice but your demo failed. You need to write .php after everything except the register part. But it looks so nice <3

Quote:

---

Originally Posted by Hubb0

Haha nice but your demo failed. You need to write .php after everything except the register part. But it looks so nice <3

---

Ow sorry, but that isn't in the download

I don't like it at all.
Just a custom frontpage like every rename.
It makes me sick.

-Butler

Edit/rename habblok CMS

Pages doesn't exist in the demo.

Rename from Habbore ;)
And this renamed cms got exploits.

Quote:

---

Originally Posted by The Rules

Pages doesn't exist in the demo.

---

You have to put .php after all of the links.

Quote:

---

Originally Posted by .::Arjan::.

Rename from Habbore ;)
And this renamed cms got exploits.

---

Excuse me but, why are you here?

Rename is not an edit, so if there are exploits in this rename, the are also in the original or it isn't a rename.

*cough* dumb ass *cough*

And you are so smart, because if it was an rename of Habbore there wasn't standing HABLOK in the demo link. Because hablok is an cms, as everybody knows.

-Butler

Why do you releasy MY CMS? ...

And for your information, my CMS doesn't have exploits.. lol

@blink182sp44
- Habblok is noob, it's Habbore.. lol

There are virus in it

Potential exploit in the bots page.

PHP Code:

---

 $nombre = $_POST['nombre'];
$mision = $_POST['mision'];
$ropa = $_POST['look'];
$posicionx = $_POST['posicionx'];
$posiciony = $_POST['posiciony'];
$sala = $_POST['sala'];
$estado = $_POST['estado'];
$rotacion = $_POST['rotacion'];

mysql_query("INSERT INTO `bots`(`room_id`, `name`, `motto`, `look`, `x`, `y`, `rotation`, `walk_mode`, `owner`) VALUES ('$sala', '$nombre', '$mision', '$ropa', '$posicionx', '$posiciony', '$rotacion', '$estado', '$owner')"); 


---

It doesn't look like any of the posts are filtered. This could give attackers full access to your database.



And why would you have an email flooder in your download.
bom.php (Also available on your demo site, http://virusfreetest.hostizzo.com/bom.php)

PHP Code:

---

<?php 
if(isset($_POST['submit'])){ 
$content = "Dit bericht is afkomtstig van:<br><hr><b>Naam</b>: ". $_POST["naam"] ." (<b>". $leeftijd ."</b> jaar)<br>Email: ". $_POST["email"] ."<br><b>Website</b>: ". $_POST["url"] ."<br><hr>Hij schreef: <br><hr>". $content ."<br><hr>"; 
$headers .= "MIME-version: 1.0n"; 
$headers .= "Content-Type: text/html; charset=iso-8859-1n"; 
$headers .= "From: ". $_POST["from"] ."n"; 
$aantal = $_POST["aantal"]; 
$aantal = $aantal-1; 
for($i=0; $i <= $aantal; $i++){ 
$a = mail($_POST["to"],$_POST["onderwerp"],$_POST["bericht"],$headers); 
if($a){ 
echo $i .". Email verzonden<br>"; 
} 
else{ 
echo "Door fout is de email NIET verzonden"; 
} 
} 
} 
if(!isset($_POST['submit'])){ 
?> 
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST"> 
Onderwerp: <input type="text" name="onderwerp"><br> 
Van (emailadres): <input type="text" name="from"><br> 
Naar (emailadres): <input type="text" name="to"><br> 
Hoeveel mailtjes: <input type="text" name="aantal"><br> 
<textarea cols="50" rows="10" name="bericht">Bericht...</textarea><br> 
<input type="submit" name="submit" value="Stuur"> 
<?php 
} 
?>

---

1.Exploit 2. Database's db? fail!

I'm Not Liked .